Acxiom, a data broker that collects 1,500 data points per person on over 700 million consumers total and sells analysis of such information, is trying to ward off federal privacy regulations by flaunting transparency—a diluted term, in this case—around user data. The company just launched AboutTheData.com, a site that will let users see and edit some information that Acxiom has about them—only "some," since Acxiom's analytics reveal far more information about you (living habits and personal preferences) that isn't readily available to you, but is sold to partner companies.

Everyone should be deeply concerned about data brokers. These companies are scavengers for very personal data, amassing details about everything from "major life events" (like a wedding or a baby) to your browsing history and shopping habits, and they have even begun exploring business relationships with social media giants like Facebook and Twitter. And once this data is collected, it's a small step away from government agencies and law enforcement. (There was hubbub around Acxiom and travel information, which the government collected and inadvertently shared.) ACLU has an excellent breakdown of Acxiom after the company released operational details in response to a Congressional inquiry.

The Federal Trade Commission (FTC) has launched an in-depth investigation into data brokers to see what information they gather and how it is used. Commissioner Julie Brill recently wrote an op-ed demanding transparency around what user data is being collected through a voluntary "Reclaim Your Name" campaign.

As Commissioner Brill notes, these companies "load all this data into sophisticated algorithms that spew out alarmingly personal predictions about our health, financial status, interests, sexual orientation, religious beliefs, politics and habits." These nuggets of information are subject to limited protections, leaving the door wide open for abuse. And consumers have extremely little control. Not only do we not know what information—correct or not—has been collected, but we often have limited means of opting out.

Of course, checking Acxiom's database requires entering personal information about yourself (name, address, birthday, Social Security number) before you can view or edit your information. This entered information, their privacy policy indicates, "may be shared within the Acxiom Corporation family of businesses" to fulfill a request. Users who are wary of entering their personal information should proceed with caution given the wording of this privacy policy, since there is no clear indication that entering your information will be used only to look up your records and will not itself be saved.

Being able to edit one's information is critical—aggregated misinformation by companies like Acxiom has cost people jobs. And users of the new site have had mixed-to-negative results. Folks are often shocked by how mistaken some of the data is about them, leading some to suggest that AboutTheData.com is simply a free, crowdsourced data cleaning service for Acxiom. Since the new site came out, some have carefully questioned if transparency is helpful in this case at all.

Though limited, it is encouraging to see a company take this step towards transparency—there's even a clearly marked opt-out button. But this isn't enough at all. And we have to remember that Acxiom is just one entity in a field of over 250 data brokers.

It's too soon to tell if Acxiom's move will cause a domino effect, or whether transparency and privacy are truly points of competition. "Self-regulation" by the data broker industry leaves much up in the air—especially when highly personal information at stake. The FTC has called for information about data brokers to be amassed on one centralized site, and there's no reason for that site not to have a simple one-click opt out. Legislative efforts—especially in California—are taking steps to empower consumers. One, AB 370, would update California's Online Privacy Protection Act (CalOPPA) and require websites to clearly explain to their users how they respond to Do Not Track signals. Another, California's Right to Know Act, would also allow consumers to request exactly what information companies have about them, as well as who they're sharing such data with.

Ultimately, we need a system with teeth that allows consumers to take fuller control of data about them.

Related Updates

Over the next few weeks, EFF and our allies will enter our final push to pass legislation out of the California legislature that would defend and promote civil liberties. With a Democratic super-majority eager to push back against the federal government, our chances have seldom been better to move the...

SAN FRANCISCO, CALIFORNIA—The Electronic Frontier Foundation (EFF) announced today that whistleblower and activist Chelsea Manning, Techdirt editor and open internet advocate Mike Masnick, and IFEX executive director and global freedom of expression defender Annie Game are the distinguished winners of the 2017 Pioneer Awards, which recognize leaders who are extending...

Internet users across California have been calling their state legislators to demand they restore their broadband privacy rights by passing A.B. 375. So far that public pressure has been overriding the opposition from major cable and telephone companies (although many ISPs based in California actually support the privacy rules) as...

Don't Trust Data Localization Exceptions in Trade Agreements to Guarantee Protection of Personal Data The digital economy relies on cross-border provision of services and goods, and in the past government trade regulators have embraced the borderless nature of the Internet and adopted light-touch regulation. But with the growing perception of...

Washington, D.C - The Electronic Frontier Foundation (EFF) urged the U.S. Supreme Court today to curb law enforcement’s expansive tracking of suspects’ cell phones, arguing that police must get a warrant before collecting the detailed location data that all phones generate as part of their routine functioning. The defendants...

WASHINGTON, D.C.—The Electronic Frontier Foundation (EFF) asked the Supreme Court to review and overturn an unprecedented ruling allowing the government to intercept, collect, and store—without a warrant—millions of Americans’ electronic communications, including emails, texts, phone calls, and online chats. This warrantless surveillance is conducted by U.S. intelligence agencies...

This blog post was first published in The Hill on July 18, 2017. This summer, the U.S. Department of Homeland Security (DHS) is expanding its program of subjecting U.S. and foreign citizens to facial recognition screening at international airports. This indiscriminate biometric surveillance program threatens the personal privacy of...

New Orleans, Louisiana—Searches of mobile phones, laptops, and other digital devices by federal agents at international airports and U.S. land borders are highly intrusive forays into travelers’ private information that require a warrant, the Electronic Frontier Foundation (EFF) said in a court filing yesterday. EFF urged the U.S...

This summer, two of the west coast’s largest metropolitan areas—Seattle and Los Angeles County—took major steps to curtail secret, unilateral surveillance by local police. These victories for transparency and community control lend momentum toward sweeping reforms pending across California, as well as congressional efforts to curtail unchecked surveillance by federal...

License plates are more than numbers and letters you display on your car. When police photograph your license plate, scan it, record the precise times and locations of the scans, and store all that information indefinitely in a database, they can search this information to piece together your movements and...